|
North American Network Operators Group Date Prev | Date Next | Date Index | Thread Index | Author Index | Historical Re: User negligence?
From: "Sean Donelan" <[email protected]> > Unfortunately there are a lot, and growing number, of self-infected PCs > on the net. As the banks point out, this is not a breach of the bank's > security. Nor is it a breach of the ISP's security. The user infects > his PC with a trojan and then the criminal uses the PC to transfer money > from the user's account, with the user's own password. Banks use passwords for authentication? That's what scares me. Personally, I find it terrifying that banks allow such weak authentication as a password for financial transactions. To the best of my knowledge, all banks around here use a smartcard based system. It might be a bit more inconvenient, but the added security makes it well worth it, in my opinion. It may not be a breach of the bank's security as such, but the measures they take in order to protect their customers' money is in my opinion so low that, IMHO, they are the ones guilty of negligence. -Kandra
|